Relevant macOS security controlsīriefly, some relevant core security controls to mention here are: But first, let’s examine some of macOS’s native security controls. For that, we’ll need to take a look at a slightly more advanced malware family called XCSSET. However, they do no t explicitly exhibit the characteristics of adversarial on-disk application bundle manipulation.
Pirated and trojanized applications frequently abuse legitimate application bundles to subvert core macOS security controls. Unfortunately, this is not an uncommon scenario, as seen with the EvilQuest/ThiefQuest, Shlayer and Silver Toucan/UpdateAgent/WizardUpdate malware families (just to name a few), which frequently leverage masquerading tactics to hide their true nature. Additionally, if a user downloads a pirated application that has also been trojanized, they run the risk of infecting themselves. Software pirates are individuals who illicitly distribute applications like Microsoft Office, popular games (e.g., Fortnite), and productivity software (e.g, Adobe Photoshop) free of charge and usually over peer-to-peer services. Historically, legitimate apps have been the target of adversaries and software pirates alike. Unfortunately this has led to many developers’ apps being pirated or abused. In this thread, two developers discuss the inherent inability of macOS to protect their applications against tampering (as of Monterey). In fact, this has become such a problem that developers have begun to point this out in Apple’s own developer forums. Subversion on this level has the potential to impact one of macOS’s first layers of defense: Gatekeeper.
Protect your users’ email, identities and SaaS apps.Protect your corporate endpoints and network.
0 kommentar(er)
